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IN THE CLAIMS 

Please amend claim 1 as indicated below. 

Please cancel claim 9 without prejudice or disclaimer. 

This listing of claims will replace all prior versions, and listings, of claims in 
the application. 

Listing of Claims: 

1 1 . (currently amended) A data processing apparatus for a vehicle, including: 

2 a first data processing unit (A) connected to device control units of the 

3 vehicle; 

4 a second data processing unit (B) connected to a communications apparatus 

5 providing a wireless connection to an external network, such that operation requests 

6 can be received at the second data processing unit (B) from the external network; 

7 a data communications link between the first and second data processing 

8 units; and 

9 a gateway component for controlling communications across the data 

10 communications link, the gateway component limiting passing of the operation 

1 1 requests from the second data processing unit to the vehicle's device control units to 

12 only a predefined set of permitted operations. 

1 2. (previously presented) A data processing apparatus according to claim 1, wherein 

2 the first data processing unit (A) is adapted to store in an urmiodifiable form a list of 

3 said predefined set of permitted operations and includes a gateway component for 

4 comparing all operation requests received from the second data processing unit (B) 

5 with the list of permitted operations, and then to pass the permitted operation requests 

6 to respective ones of said device control units and to discard non-permitted operation 

7 requests. 
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1 3. (previously presented) A data processing apparatus according to claim 2 wherein 

2 the first data processing unit (A) includes a static operating system environment and 

3 the gateway component of the first data processing unit (A) runs in the static 

4 operating system environment. 

1 4. (previously presented) A data processing apparatus according to claim 1 , wherein 

2 the second data processing unit (B) is adapted to store one or more access control lists 

3 defining which operation requests are permitted for particular requestors, and wherein 

4 the second data processing unit (B) includes a gateway component for comparing all 

5 operation requests on the first data processing unit (A) with the access control lists 

6 and only passing to the first data processing unit (A) those operation requests which 

7 are permitted for the respective requestors and discarding non-permitted operation 

8 requests. 

1 5. (previously presented) A data processing apparatus according to claim 1, wherein: 

2 the first data processing unit (A) includes a Real Time Operating System; and 

3 the second data processing unit (B) includes means for performing 

4 authentication of requestors and a gateway component for comparing all operation 

5 requests sent to the first data processing unit (A) with access control lists and for 

6 passing to the first data processing unit (A) only those operation requests which are 

7 permitted for the respective requestors and discarding non-permitted operation 

8 requests. 

6. (cancelled) 

1 7. (previously presented) A data processing apparatus, including: 

2 a first data processing unit connected to one or more security-critical 

3 resources; 

4 a second data processing unit connected to an external communications 

5 network such that operation requests can be received fi'om the external network; 
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6 a data communications link between the first and second data processing 

7 units; and 

8 a gateway component for controlling communications across the link, the 

9 gateway component limiting the operations which can be performed at the first data 

10 processing unit in response to requests fi-om the second processing unit to only a 

1 1 predefined set of permitted operation, wherein the first and second data processing 

12 units and the link between them are implemented within a network-connected home 

13 environment, and the security-critical resources include security-critical devices 

14 within the home which are managed by application programs running on the first data 

15 processing unit. 

1 8. (previously presented) A data processing apparatus according to claim 7, wherein 

2 the external network is the Internet. 

9. (cancelled) 



1 10. (original) A method for controlling the initiation of operations relating to secure 

2 resources on a first data processing unit such that only a limited predefined set of 

3 operations can be initiated by requests fi-om a second data processing unit connected 

4 to the first data processing unit by a communications link, the method comprising: 

5 storing a list of permitted operations which can be requested fi-om the second 

6 data processing unit; 

7 comparing, by a secure gateway component which controls communications 

8 across the communications link, requests to perform operations relating to secure 

9 resources on the first data processing unit with the list of permitted operations; and 
1 0 only executing the permitted operations. 

1 11. (original) A method according to claim 10, implemented within a vehicle which 

2 includes the first and second data processing units, wherein the secure resources 

3 include the vehicle's internal device control units. 
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